200 Hackers Test Security of The Hague
On 27 September 2021, the digital infrastructure of the municipality of The Hague was scrutinised by 206 ethical national and international hackers. Among the 125 reported vulnerabilities were; unsafe access to accounts, outdated software, the ability to inject malicious code into a website and an account that could be taken over completely.
Saskia Bruines, Alderman Economic Affairs, International Affairs and Municipal Services municipality of The Hague: ''As city of peace, justice and security The Hague represents well protected ICT-systems and, of course, we would like to keep it that way. That is why the municipality allows this community of ethical hackers to put their security to the test on a yearly basis. It’s quite exiting, but it provides a lot of insights. They help the organisation disclosing the vulnerabilities in the systems and find solutions that solve the problems. A lot of knowledge lies here, which is proven each year during Hâck The Hague.''
Disclosed vulnerabilities
Various vulnerabilities were disclosed, and ranked in the categories Most Creative Hack, Most Advanced Hack, Most Impactful Hack and The Hâckademic Award.
Jeroen Schipper, CISO of the municipality of The Hague: “we are happy with the findings and will start solving them as soon as possible. Some findings have actually already been solved by our team or the supplier.”
Large international turnout
This year 206 hackers participated, of which 152 professional hackers and 54 student hackers. Hackers represented at least 22 different countries; Algeria, Bangladesh, Egypt, England, France, Germany, India, Iran, Italy, Kenya, Moldova, the Netherlands, Nigeria, Pakistan, Poland, Portugal, Romania, Spain, Sweden, Tunisia, Ukraine, United States.
All organisations, among which municipalities, are exposed to digital risks of cybercrime on a daily basis. The theme is constantly evolving in municipalities. In the physical world it is clear where the power of the municipalities lie, but in the digital world this is still pioneering. With Hâck The Hague, the ICT of the municipality is viewed from a new outside-in perspective. But it delivers more than that. With the competition, the municipality aims to enthuse students to start a career in cybersecurity. This is much needed, because the demand for cybersecurity specialists will continue to increase in the coming years.
Online event
This year, Hâck The Hague took place exclusively online due to the COVID-19 pandemic. Previous editions saw 79 hackers with their laptops in the Atrium of the City Hall, which was an impressive spectacle. This year more than 200 hackers were welcomed both national and international. The format of the event next year is still a bit unsure, but the aim is to organise a physical edition again. Do you want to know how to increase the digital resilience of your organisation and possibly even organise a hacking event yourself? Sign up here for the Cybersprint e-guide.
Cybersprint
Hâck The Hague was organised in collaboration with Cybersprint. This cyber security company from The Hague provides insights into the digital attack surface of organisations. The Attack Surface Management solution provides a continuous and automated overview of digital assets from a hackers’ point of view and monitors risks. These insights provide organisations control over their attack surface and gives them the opportunity to mitigate vulnerabilities.